[tor-dev] HS v3 client authorization types

George Kadianakis desnacked at riseup.net
Fri May 18 16:03:09 UTC 2018

Ian Goldberg <iang at cs.uwaterloo.ca> writes:

> On Thu, May 10, 2018 at 12:20:05AM +0700, Suphanat Chunhapanya wrote:
>> On 05/09/2018 03:50 PM, George Kadianakis wrote:
>> > b) We might also want to look into XEdDSA and see if we can potentially
>> >    use the same keypair for both intro auth (ed25519) and desc auth
>> (x25519).
>> This will be a great advantage if we can do that because putting two
>> private keys in the HidServAuth is so frustrating.
> The private key for intro auth is used to make a signature (that will be
> different per client), while the private key for desc auth is used to
> decrypt the descriptor (which will be the same for all clients), no?

Hm. Both intro auth and desc auth keys are different for each client. In
the case of desc auth we do that so that we can revoke a client without
needing to refresh desc auth keys for all other clients.

More information about the tor-dev mailing list